Security Update 2007-007 released

[bil207]

Apple has released Security Update 2007-007.

"Security Update 2007-007 is recommended for all users and improves the security of the following components:"

bzip2
CFNetwork
Core Audio
cscope
gnuzip
Kerberos
mDNSResponder
PDFKit
PHP
Quartz Composer
samba
WebKit
WebCore

You can get more info. on Security Update 2007-007 and download it here or use Software Update.

[Dreambird]

Doesn't show up in my Software Update because I'm still at 10.4.9... so I checked the site and it says it's for 10.3.9 and 10.4.10.

Confusion...

Does one try to install it on 10.4.9 or assume if one doesn't care to take the plunge to 10.4.10 one doesn't need the Security Updates? I find I'm in no hurry to go there since it seems to have caused it's share of problems...

Decisions... decisions...  

[pendragon]

DB,

Apparently, 10.4.10 created a vulnerability that was absent in 10.4.9, ergo, no updater for those folks  

Ah, progress...

[tacit]

QUOTE

Apparently, 10.4.10 created a vulnerability that was absent in 10.4.9, ergo, no updater for those folks

Actually, that's not quite true.

Apple only releases security updates for the highest point version of each release of Mac OS X. So 10.3.8 is vulnerable, but they do not patch 10.3.8--only 10.3.9. 10.4.9 is vulnerable, but Apple does not patch 10.4.9, only 10.4.10. You must update to the latest point release in order to get security updates.

Mac OS X 10.4.0 through 10.4.9 are vulnerable. However, Apple does not release security updates for them, because it would have to write 10 different security patches and test them in all 10 different Mac OS configurations. So if you stay at 10.4.9, or any earlier version, you do have these vulnerabilities and they will not be fixed unless you install 10.4.10.

[pendragon]

Tacit,

That's good to know and much appreciated.

As usual, it's not what I don't know that hurts. It's what I know to be true, but it ain't.

[beacher]

T'anx, Tacit!

[Francine Eisner]

QUOTE(bil207 @ Jul 31 2007, 09:37 PM) <{POST_SNAPBACK}>

Apple has released Security Update 2007-007.

"Security Update 2007-007 is recommended for all users and improves the security of the following components:"

bzip2
CFNetwork
Core Audio
cscope
gnuzip
Kerberos
mDNSResponder
PDFKit
PHP
Quartz Composer
samba
WebKit
WebCore

You can get more info. on Security Update 2007-007 and download it here or use Software Update.

I installed this Security Update and, just for the record, my browsing experience has slowed down considerably, in all browsers. Does anyone have any suggestions?

And yes, I did repair permissions after installation.

Cheers,
Francine

(The Mac Gardener)

[krissel]

Try cleaning out the cache from your browsers. Also if you are on cable, go into your Network settings/TCP panel and renew your DHCP to get a fresh connection. Don't forget to click on "Apply Now".

[Francine Eisner]

QUOTE(krissel @ Aug 4 2007, 02:37 AM) <{POST_SNAPBACK}>

Try cleaning out the cache from your browsers.

Hi -

I have already done so, and the history, etc. This helped, but only a little. I also dumped nearly all of my bookmarks imported from IE (don't really use 'em anyway) and same thing...helped a little.

I don't know what the reason for the security patch is, and I guess I shouldn't complain so much. If Apple thinks more security is needed, whatever the downside it's alot better than catching a virus, having one's identity stolen, or having spambots installed on one's computer.

I'm actually a little skeptical that we aren't getting "bots." Every time I do anything on the eBay site I get emails which are ostensibly from them. I usually send them to eBay saying "Is this from you?" Sometimes it is, sometimes not. But I am sufficiently wary that if I buy something I never pay via PayPal, but send a money order.

Cheers,
Francine

(The Mac Gardener)